共查询到19条相似文献,搜索用时 687 毫秒
1.
2.
3.
4.
正[基本案情]2011年至2012年,犯罪嫌疑人朱某利用担任某市卫生局长的职务便利,多次收受某医药公司张某等人的财物,在该医药公司产品入市审批时为其提供方便。由于部分账目数据存储于朱某个人电脑,为搜集固定证据,侦查机关依据《人民检察院刑事诉讼规则(试行)》关于电子数据取证方法的相关规定,对犯罪嫌疑人的电脑主机、硬盘进行封存时,采取了拍照、录像等方法,并为犯罪嫌疑人出具了记录硬盘序列号 相似文献
5.
6.
在百度百科上搜索DVR,可以得到以下解释:DVR是Digital Video Recorder—数字视频录像机或数字硬盘录像机的简称,我们习惯上称为硬盘录像机.它是一套进行图像存储处理的计算机系统,具有对图像、语音进行长时间录像、录音、远程监视和控制的功能.第一代DVR发展于九十年代后期到2005年,典型特征是:采用MPEG1/2视频压缩算法,具备TV输出显示接口.第一代DVR在性能、功能、容量上远远超过了模拟录像机,因此迅速占领了视频监控录像市场,但是由于是初代产品,在功能、人机交互、产品形态上比较粗糙. 相似文献
7.
8.
正电子数据在侦查工作中的运用由来已久,比如硬盘恢复、短信记录获取、数字图像比对等,但由于缺乏对电子数据的明确定义,各地的实践往往存在较大的差异性,规范化程度不够,电子数据的获取与运用尚处于初级阶段。一、反贪侦查中电子数据的常见类型及技术方法学界对于电子数据的讨论由来已久,对其定义和界定并没有统一的定论。一般而言,所谓"电子数据"即 相似文献
10.
案例1 2004年12月18日,某小区内一位60余岁的老人在马路边晨练时遇到一个外地人,说因急用钱,想用价值10余万元的古铜币换5万元人民币现金,老人听了他的花言巧语后回家取钱,交易在该小区内进行。第二天,老人知道被骗后报案。经过对小区内居民进行调查访问,得知作案人乘的是一辆外地牌号的红色轿车,但没有人能记住此车牌号。幸好该小区在重点部位刚刚安装监控摄像头,然而因监控微机出现故障,所存数据不慎丢失,且不能正常运转。技术人员将微机硬盘取回,用硬盘数据恢复软件对其进行恢复,找到了作案时间段的录像数据,对数据进行处理后播放,清晰地看到了作案人所乘车子的牌照号码,从而破案并追回了所有被骗现金。 相似文献
11.
As the closed-circuit television (CCTV) security industry transitioned from analog media to digital video recorders (DVRs) with digital storage, the law enforcement community struggled with the means with which to collect the recordings. New guidelines needed to be established to determine the collection method which would be efficient as well as provide the best quality evidence from live DVRs. A test design was developed to measure, quantify, and rank the quality of acquisition methods used on live systems from DVRs typically used in digital CCTV systems. The purpose was to determine guidelines for acquiring the best quality video for investigative purposes. A test pattern which provided multiple quantifiable metrics for comparison between the methods of acquisition was used. The methods of acquisition included direct data download of the proprietary file and open file format as well as recording the video playback from the DVR via the available display monitor connections including the composite video, Video Graphics Array (VGA), and high-definition multimedia interface (HDMI). While some acquisition methods may provide the best quality evidence, other methods of acquisition are not to be discounted depending on the situation and need for efficiency. As an investigator that needs to retrieve video evidence from live digital CCTV systems, the proprietary file format, overall, provides the best quality evidence. However, depending on the circumstance and as recording technology continues to evolve, options other than the proprietary file format may provide quality that is equal to or greater than the proprietary file format. 相似文献
12.
Video data received for analysis often come in a variety of file formats and compression schemes. These data are often transcoded to a consistent file format for forensic examination and/or ingesting into a video analytic system. The file format often requested is an MP4 file format. The MP4 file format is a very common and a universally accepted file format. The practical application of this transcoding process, across the analytical community, has generated differences in video quality. This study sought to explore possible origins of the differences and assist the practitioner by defining minimum recommendations to ensure that quality of the video data is maintained through the transcoding process. This study sought to generate real world data by asking participants to transcode provided video files to an MP4 file format using programs they would typically utilize to perform this task. The transcoded results were evaluated based on measurable metrics of quality. As the results were analyzed, determining why these differences might have occurred became less about a particular software application and more about the settings employed by the practitioner or of the capabilities of the program. This study supports the need for any video examiner who is transcoding video data to be cognizant of the settings utilized by the programs employed for transcoding video data, as loss of video quality can affect analytics as well as further analysis. 相似文献
13.
14.
Minnaard proposed a novel method that constructs a creation time bound of files recovered without time information. The method exploits a relationship between the creation order of files and their locations on a storage device managed with the Linux FAT32 file system. This creation order reconstruction method is valid only in non-wraparound situations, where the file creation time in a former position is earlier than that in a latter position. In this article, we show that if the Linux FAT32 file allocator traverses the storage space more than once, the creation time of a recovered file is possibly earlier than that of a former file and possibly later than that of a latter file on the Linux FAT32 file system. Also it is analytically verified that there are at most n candidates for the creation time bound of each recovered file where n is the number of traversals by the file allocator. Our analysis is evaluated by examining file allocation patterns of two commercial in-car dashboard cameras. 相似文献
15.
《Digital Investigation》2008,5(1-2):19-28
In May 2007, a case of potential child abuse was reported to the hospital where the victim was under observation. The child had been in the hospital for several months and there was hope that a digital video recorder (DVR) may have recorded the maltreatment of a hospitalized child. Unfortunately the recordings could not be found on the device by hospital security employees. The DVR was given to digital forensic examiners in an effort to recover footage. This article details how the system was examined, describing the steps that were taken to obtain information and how the information was interpreted. The methods described in this article can be applied to other similar devices. 相似文献
16.
Video content stored in Video Event Data Recorders (VEDRs) are used as important evidence when certain events such as vehicle collisions occur. However, with sophisticated video editing software, assailants can easily manipulate video records to their advantage without leaving visible clues. Therefore, the integrity of video content recorded through VEDRs cannot be guaranteed, and the number of related forensic issues increases. Existing video integrity detection methods use the statistical properties of the pixels within each frame of the video. However, these methods require ample time, because they check frames individually. Moreover, the frame can easily be replaced and forged using the appropriate public software. To solve this problem, we propose an integrity checking mechanism using the structure of ordered fields in a video file, because existing video editing software does not allow users to access or modify field structures. In addition, because our proposed method involves checking the header information of video content only once, much less detection time is required compared with existing methods that examine the entire frames. We store an ordered file structure of video content as a signature in the database using a customized automated tool. The signature appears according to the video editing software. Then, the suspected video content is compared to a set of signatures. If the file structure matches with a signature, we recognize a manipulated video file by its corresponding editing software. We tested five types of video editing software that cover 99% of the video editing software market share. Furthermore, we arranged 305,981 saving options for all five video editing suites. As a result, we obtained 100% detection accuracy using stored signatures, without false positives, in a collection of 305,981 video files. The principle of this method can be applied to other video formats. 相似文献
17.
《Digital Investigation》2014,11(3):187-200
A recent increase in the prevalence of embedded systems has led them to become a primary target of digital forensic investigations. Embedded systems with DVR (Digital Video Recorder) capabilities are able to generate multimedia (video/audio) data, and can act as vital pieces of evidence in the field of digital forensics.To counter anti-forensics, it is necessary to derive systematic forensic techniques that can be used on data fragments in unused (unallocated) areas of files or images. Specifically, the techniques should extract meaningful information from various types of data fragments, such as non-sequential fragmentation and missing fragments overwritten by other data.This paper proposes a new digital forensic system for use on video data fragments related to DVRs. We demonstrate in detail special techniques for the classification, reassembly, and extraction of video data fragments, and introduce an integrated framework for data fragment forensics based on techniques described in this paper. 相似文献
18.
《Digital Investigation》2014,11(1):43-56
Digital forensics practitioners face a continual increase in the volume of data they must analyze, which exacerbates the problem of finding relevant information in a noisy domain. Current technologies make use of keyword based search to isolate relevant documents and minimize false positives with respect to investigative goals. Unfortunately, selecting appropriate keywords is a complex and challenging task. Latent Dirichlet Allocation (LDA) offers a possible way to relax keyword selection by returning topically similar documents. This research compares regular expression search techniques and LDA using the Real Data Corpus (RDC). The RDC, a set of over 2400 disks from real users, is first analyzed to craft effective tests. Three tests are executed with the results indicating that, while LDA search should not be used as a replacement to regular expression search, it does offer benefits. First, it is able to locate documents when few, if any, of the keywords exist within them. Second, it improves data browsing and deals with keyword ambiguity by segmenting the documents into topics. 相似文献
19.
Video file format standards define only a limited number of mandatory features and leave room for interpretation. Design decisions of device manufacturers and software vendors are thus a fruitful resource for forensic video authentication. This paper explores AVI and MP4-like video streams of mobile phones and digital cameras in detail. We use customized parsers to extract all file format structures of videos from overall 19 digital camera models, 14 mobile phone models, and 6 video editing toolboxes. We report considerable differences in the choice of container formats, audio and video compression algorithms, acquisition parameters, and internal file structure. In combination, such characteristics can help to authenticate digital video files in forensic settings by distinguishing between original and post-processed videos, verifying the purported source of a file, or identifying the true acquisition device model or the processing software used for video processing. 相似文献